Source: Ars Technica
“Tracking code that Meta and Russia-based Yandex embed into millions of websites is de-anonymizing visitors by abusing legitimate Internet protocols, causing Chrome and other browsers to surreptitiously send unique identifiers to native apps installed on a device, researchers have discovered. Google says it’s investigating the abuse, which allows Meta and Yandex to convert ephemeral web identifiers into persistent mobile app user identities. The covert tracking — implemented in the Meta Pixel and Yandex Metrica trackers — allows Meta and Yandex to bypass core security and privacy protections provided by both the Android operating system and browsers that run on it. … A representative for Google said the behavior violates the terms of service for its Play marketplace and the privacy expectations of Android users.” (06/03/25)